cloudstack-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jayapal Reddy Uradi <jayapalreddy.ur...@citrix.com>
Subject Re: Ebtables
Date Sat, 27 Apr 2013 11:24:04 GMT
The below rules block the traffic from the secondary ips.

> -A i-2-9-VM-in -p ARP --arp-ip-src ! 66.232.104.216 -j DROP
> -A i-2-9-VM-out -p ARP --arp-ip-dst ! IPADDRESS.OF.INSTANCE -j DROP

you can either delete above rules or flush the chains.

Thanks,
Jayapal

On 27-Apr-2013, at 5:05 AM, Maurice Lawler <maurice.lawler@me.com>
 wrote:

> Sorry...
> 
> Could someone please remind me, the chain I would need to delete from ebtables to permit
traversing of a secondary IP on a specified instance? 
> 
> == Output from Ebtables ==
> 
> -A i-2-9-VM-in -s ! 6:2f:ca:0:0:c -j DROP
> -A i-2-9-VM-in -p ARP -s ! 6:2f:ca:0:0:c -j DROP
> -A i-2-9-VM-in -p ARP --arp-mac-src ! 6:2f:ca:0:0:c -j DROP
> -A i-2-9-VM-in -p ARP --arp-ip-src ! 66.232.104.216 -j DROP
> -A i-2-9-VM-in -p ARP --arp-op Request -j ACCEPT
> -A i-2-9-VM-in -p ARP --arp-op Reply -j ACCEPT
> -A i-2-9-VM-in -p ARP -j DROP
> -A i-2-9-VM-out -p ARP --arp-op Reply --arp-mac-dst ! 6:2f:ca:0:0:c -j DROP
> -A i-2-9-VM-out -p ARP --arp-ip-dst ! IPADDRESS.OF.INSTANCE -j DROP
> -A i-2-9-VM-out -p ARP --arp-op Request -j ACCEPT
> -A i-2-9-VM-out -p ARP --arp-op Reply -j ACCEPT
> -A i-2-9-VM-out -p ARP -j DROP
> 
> 
> I'd appreciate any assistance in this matter.
> 
> 
> 


Mime
View raw message